Sensitive data policy recommendation based on compliance obligations of a data source
Abstract
Systems, computer-implemented methods, and computer program products that can facilitate sensitive data policy recommendation are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise an extraction component that can employ an artificial intelligence model to extract compliance data from a data source. The computer executable components can further comprise a recommendation component that can recommend a sensitive data policy based on the compliance data. In some embodiments, the recommendation component can further identify one or more sensitive data entities of a sensitive data dataset that are affected by actionable obligation data of the data source.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A system, comprising:
a memory that stores computer executable components; and
a processor that executes the computer executable instructions stored in the memory to:
employ an artificial intelligence model to extract compliance data from a data source, wherein the artificial intelligence model performs natural language processing on text of one or more documents in the data source to extract the compliance data related to legal requirements associated with sensitive data datasets, and wherein the compliance data comprises respective actionable obligation data associated with the legal requirements;
map the respective actionable obligation data in the compliance data to one or more sensitive data entities of a sensitive data dataset, and
map the respective actionable obligation data to one or more sensitive data policies for meeting the legal requirements; and
recommend a sensitive data policy for a sensitive data entity of the one or more sensitive data entities based on the mappings of the respective actionable obligation data to the one or more sensitive data entities and the one or more sensitive data policies, wherein the sensitive data entity is not currently in compliance with the legal requirements associated with the respective actionable obligation data.
2. The system of claim 1 , wherein the compliance data further comprises at least one of compliance entity data, obligation data, obligation target data, obligation content data, non-actionable obligation data, definition data, definition target data, definition content data, a data property, an entity property, entity relationship data, a role of a data consumer, or a data processing technique.
3. The system of claim 1 , wherein the processor further executes the computer executable instructions to:
segment the data source into compliance sections comprising at least one of an obligation section or a definition section, thereby facilitating improved processing performance associated with the processor.
4. The system of claim 1 , wherein the processor further executes the computer executable instructions to:
classify obligation data of the data source into at least one of actionable obligation data or nonactionable obligation data.
5. The system of claim 1 , wherein the processor further executes the computer executable instructions to identify the one or more sensitive data entities that are affected by the respective actionable obligation data.
6. The system of claim 1 , wherein the processor further executes the computer executable instructions to employ the artificial intelligence model to extract at least one of new compliance data or revised compliance data from a second data source, and wherein the second data source comprises at least one of an iteration of the data source or a different data source.
7. The system of claim 1 , wherein the data source is selected from a group consisting of a legal document, a legislation document, a guidance document, a regulatory document, a compliance document, and a contract.
8. A computer-implemented method, comprising:
employing, by a system operatively coupled to a processor, an artificial intelligence model to extract compliance data from a data source, wherein the artificial intelligence model performs natural language processing on text of one or more documents in the data source to extract the compliance data related to legal requirements associated with sensitive data datasets, and wherein the compliance data comprises respective actionable obligation data associated with the legal requirements;
mapping, by the system, the respective actionable obligation data in the compliance data to one or more sensitive data entities of a sensitive data dataset, and
mapping, by the system, the respective actionable obligation data to one or more sensitive data policies for meeting the legal requirements; and
recommending, by the system, a sensitive data policy for a sensitive data entity of the one or more sensitive data entities based on the mappings of the respective actionable obligation data to the one or more sensitive data entities and the one or more sensitive data policies, wherein the sensitive data entity is not currently in compliance with the legal requirements associated with the respective actionable obligation data.
9. The computer-implemented method of claim 8 , wherein the extracting comprises:
extracting, by the system, from the data source, at least one of compliance entity data, obligation data, obligation target data, obligation content data, non-actionable obligation data, definition data, definition target data, definition content data, a data property, an entity property, entity relationship data, a role of a data consumer, or a data processing technique.
10. The computer-implemented method of claim 8 , further comprising:
segmenting, by the system, the data source into compliance sections comprising at least one of an obligation section or a definition section, thereby facilitating improved processing performance associated with the processor.
11. The computer-implemented method of claim 8 , further comprising:
classifying, by the system, obligation data of the data source into at least one of actionable obligation data or nonactionable obligation data.
12. The computer-implemented method of claim 8 , wherein the data source is selected from a group consisting of a legal document, a legislation document, a guidance document, a regulatory document, a compliance document, and a contract.
13. The computer-implemented method of claim 8 , further comprising:
identifying, by the system, the one or more sensitive data entities that are affected by the respective actionable obligation data.
14. A computer program product facilitating a sensitive data policy recommendation process based on compliance data of a data source, the computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to:
employ, by the processor, an artificial intelligence model to extract the compliance data from the data source, wherein the artificial intelligence model performs natural language processing on text of one or more documents in the data source to extract the compliance data related to legal requirements associated with sensitive data datasets, and wherein the compliance data comprises respective actionable obligation data associated with the legal requirements;
map, by the processor, the respective actionable obligation data in the compliance data to one or more sensitive data entities of a sensitive data dataset, and
map, by the processor, the respective actionable obligation data to one or more sensitive data policies for meeting the legal requirements; and
recommend, by the processor, a sensitive data policy for a sensitive data entity of the one or more sensitive data entities based on the mappings of the respective actionable obligation data to the one or more sensitive data entities and the one or more sensitive data policies, wherein the sensitive data entity is not currently in compliance with the legal requirements associated with the respective actionable obligation data.
15. The computer program product of claim 14 , wherein the program instructions are further executable by the processor to cause the processor to:
extract, by the processor, from the data source, at least one of compliance entity data, obligation data, obligation target data, obligation content data, non-actionable obligation data, definition data, definition target data, definition content data, a data property, an entity property, entity relationship data, a role of a data consumer, or a data processing technique.
16. The computer program product of claim 14 , wherein the program instructions are further executable by the processor to cause the processor to:
segment, by the processor, the data source into compliance sections comprising at least one of an obligation section or a definition section.
17. The computer program product of claim 14 , wherein the program instructions are further executable by the processor to cause the processor to:
classify, by the processor, obligation data of the data source into at least one of actionable obligation data or nonactionable obligation data.
18. The computer program product of claim 14 , wherein the program instructions are further executable by the processor to cause the processor to:
employ, by the processor, the artificial intelligence model to extract at least one of new compliance data or revised compliance data from a second data source, and wherein the second data source comprises at least one of an iteration of the data source or a different data source.
19. The computer program product of claim 14 , wherein the program instructions are further executable by the processor to cause the processor to:
identify, by the processor, the one or more sensitive data entities that are affected by the respective actionable obligation data.
20. The computer program product of claim 14 , wherein the data source is selected from a group consisting of a legal document, a legislation document, a guidance document, a regulatory document, a compliance document, and a contract.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.